Commit Graph

4 Commits

Author SHA1 Message Date
Ben Grande
13c57939a7
fix: uninstall cacher client with tag in pillar
Targeting only qubes with the tag on the installation instructions is
still useful as it is faster than targeting all qubes.

Fixes: https://github.com/ben-grande/qusal/issues/41
2024-06-13 13:28:24 +02:00
Ben Grande
fc22726ee8
feat: build and sign RPM packages
Passing files to Dom0 is always dangerous:

- Passing a git repository is dangerous as it can have ignored modified
  files and signature verification will pass.
- Passing an archive is troublesome for updates.
- Passing an RPM package depends on the RPM verification to be correct,
  some times it is not.
- Passing a RPM repository definition is less troublesome for the user,
  as it is a small file to verify the contents and update mechanism is
  via the package manager. Trust in RPM verification is still required.

Many improvements were made to the build scripts:

- requires-program: Single function to check if program is installed;
- spec-get: Sort project names for the usage message;
- spec-get: Only running commands that are necessary;
- spec-get: Fix empty summary when readme has copyright header;
- spec-gen: Fix grep warning of escaped symbol;
- spec-build: Sign RPM and verify signature;
- spec-build: Only lint the first SPEC for faster runtime;
- yumrepo-gen: Generate a local yum repository with signed metadata;
- qubesbuilder-gen: Generate a .qubesbuilder based on tracked projects;
- release: Build, sign and push all RPMs to repository.

Goal is to be able to build with qubes-builderv2 Qubes Executor.

For: https://github.com/ben-grande/qusal/issues/37
2024-06-12 14:44:04 +02:00
Ben Grande
9b6895b06f feat: print hex of unicode
Useful to detect unwanted characters in third party contributions
patches using a CI hook.
2024-03-14 12:09:49 +01:00
Ben Grande
5eebd789ed refactor: initial commit 2023-11-13 14:33:28 +00:00